OCIONEWSLETTER Issue 14 • JAN 2014
SPOTLIGHT TAG and MADG Project Sharing Series:
DEC Technology Adoption Grants for Teaching Innovation Angel Lu Starting from 2012, City University of Hong Kong (CityU) has established two major grants to support the University’s e-learning strategy. The first round of applications for the two grants, namely the DEC Mobile App Development Grants (MADGs) and the DEC Technology Adoption Grants for Teaching Innovation (TAGs), attracted about 30 proposals from teachers and students.
In this issue, we will unveil successful TAGs stories of collaborative technology teaching through Dr. Bin Li from the Department of Chinese, Translation and Linguistics and Dr. Avnita Lakhani from the School of Law.
Improving Collaboration on the Whiteboard Having learners’ full participation is one of the key elements to effective learning. Now this is made possible through the adaptation of the whole new interactive whiteboard (IWB) to achieve interaction to its fullest extent. The TAG Project “Bringing Collaboration on (White) Board” brings an intriguing whiteboard, owned mostly by big tech companies or seen in science fiction movies, alive in a classroom. “Usually, students would feel that linguistic courses lack fun, but this board did get everyone’s attention from the very beginning!” exclaimed Dr. Li. This innovative whiteboard is a computer-attached screen with multi-touch interface that allows instructors to directly write or type on the teaching material presented on the screen. With software support, multiple users can simultaneously control applications or
2
OCIO NEWSLETTER
INDEX SPOTLIGHT 1
DEC Technology Adoption Grants for Teaching Innovation
FEATURE 6
IT Security Incident Management
10
CityU Apps Lab – An Innovative & Knowledge Sharing Hub at CityU
13
Why Is Server Storage More Expensive?
BRIEF UPDATES 3
In the News
4
CityU Receives a 2013 FutureGov Awards for Its Paperless Office Project
8
CityU Mobile - With All You Need on Campus
18
Realizing Students’ D&I Designs, 3D Printer at GE Lab
FYI 5
DOs and DON’Ts List for Managing Electronic Data/Information
IT SECURITY AWARENESS SERIES BY JUCC 16
End User Computing
IT Tools 20
Free Cloud-Computing Services
modify contents through either touching the board or using the built-in pen. Therefore, the IWB is especially efficient on group discussions and brainstorming as everyone can input their ideas on the screen separately and all these materials can, in turn, be saved in a bundled file. What’s more is that students are freed from copying word by word on traditional whiteboards and hence can concentrate on learning throughout linguistics tasks such as analysis and illustration of word formation and sentence structures. Students are thus fully engaged in various classroom activities, for example: group tasks and Q&A sections, to help facilitate effective teaching.
Dr. Bin Li hopes that tutorials will be extended to provide instructors a better hands-on experience with using the IWB.
Together with students’ affirmative feedbacks that used IWB, colleagues who had tried the equipment also strongly recognized the advantages brought by the IWB. Coherent classroom interaction is especially achieved through the employment of the flexible built-in pen that helps to create highlight effects on the spot rather than spending much time and effort on adding animations in the presentation materials in advance. They also confirmed that the IWB encouraged them to include more enriched teaching resources so that students were more immersed in such learning environment. In short, the IWB has turned classroom interaction and collaboration on the whiteboard into a realization.
Collaboration of Flipped, Interactive and Mobile Classroom Another key element to successful teaching is to effectively transfer knowledge that can be accessible around the clock. Learning anytime and anywhere with mobile devices is accomplished through Dr. Avnita Lakhani’s reward based knowledge transfer framework. The title of the granted TAGs project, “Multi-tiered Knowledge Transfer through Innovative Use of Technology” summarizes Dr.
Lakhani’s ambitious goal concisely. The framework is an online multitiered knowledge transfer model created through an innovative combination of technology and a flipped, interactive classroom. The framework involves three tiers of knowledge transfer by integrating the strategic use of technology in pre-class, in-class and postclass learning events in order to ensure students’ participation and involvement. During the pre-class preparation stage, course materials can be retrieved from Blackboard, CityU’s online learning management system while in-class knowledge transfer is reinforced by the integration of online “challenges” tailor-made for important topics. “It is a reward base e-learning model that encourages excellence and reinforces substantive legal knowledge,” explained Dr. Lakhani. To excel further, Dr. Lakhani encouraged the use of mobile learning both inside and outside the classroom for the post-class stage. By transcend the physical boundary of the classrooms, students have great flexibility to increase knowledge transfer, raise questions and receive feedbacks on assignments.
Issue 14 • JAN 2014
With the aid of Dr. Lakhani’s innovative technological framework, students are encouraged to refine their course knowledge through continuous “challenges” and, consequently, excel in their assessment tasks. The adoption impressively increased the number of “outstanding” grades in the same Dr. Avnita Lakhani’s multitiered knowledge transfer commercial law courses after Dr. Bin Li advocates the importance of classroom interaction especially for framework fosters students’ traditional courses. the implementation in 2012/13. deep thinking skills. After all, the ultimate goal of the framework is to foster deep thinking been streamlined nowadays. Dr. Li classroom by using that technology skills and inspire students to be life-long expects that by allowing teachers and to increase knowledge transfer and learners for long-term discovery and improve course design, delivery, and students to have more opportunities innovation. assessment. As evidenced by these to explore the technology will enhance examples, technology can foster their involvement and participation Advice of Good Technological innovation in the classroom through the in learning. Meanwhile, Dr. Lakhani Learning Practice stressed the importance of instructors collaboration between instructors and With the wise use of technology, the taking advantage of the technology learners powered by a shared desire to process of learning has undoubtedly excel in professional education. that students already bring into the
BRIEF UPDATES
In the News Office of the Chief Information Officer (OCIO)
The e-zone magazine, part of the Hong Kong Economic Times Holdings, is one of the leading IT magazines in Hong Kong. In the “IT Times” supplement of its 10 Oct 2013 issue, they interviewed Dr. Andy Chun, CityU’s CIO, to understand how IT is leveraged for “Discovery & Innovation @ CityU.” Dr. Chun explained how technology plays a crucial role in the education experience that CityU offers to our students. He talked about CityU’s mobile-learning initiative that has led to a majority of students using mobile devices, such as smart phones and tablets, to access our learning
management system (LMS) to learn and share on a regular basis. Dr. Chun also explained our current “flipped classroom” initiative that encourages active student engagement during class time, while content is provided online and often through lecture capturing tools. He indicated that the University’s “DEC Lab” facilities complements “flipped classroom” by providing a highly flexible learning environment for students to perform teamwork, discussions, and problem solving.
In the interview, Dr. Chun shared the spirit of the university’s “Discoveryenriched Curriculum” (DEC) in that it gives our students opportunities to make unique discoveries during their time at CityU, and how the University’s curriculum and learning environment supports this objective as well as how the University helps students patent their ideas and innovations. As part of this DEC-experience, are opportunities for our students to gain international experience through exchanges and other overseas activities.
3
4
OCIO NEWSLETTER
BRIEF UPDATES
CityU Receives a 2013 FutureGov Awards for Its Paperless Office Project Office of the Chief Information Officer (OCIO) The FutureGov magazine selected the City University of Hong Kong as the 2013 FutureGov Award winner for “Green Government.” In total, 20 government organizations were recognized at the 7th annual FutureGov Awards ceremony held in October 2013 in conjunction with the annual FutureGov Summit conference. Over 300 government CIOs and IT industry experts from North America, Europe, ANZ and Asia were present. The FutureGov technology awards are given each year to government, education or healthcare organizations to recognize and celebrate the most successful modernization programs in the region. This year, the Awards attracted over 650 nominations, out of which 83 finalists were shortlisted and 21 awards presented. CityU received the First Prize in “Green Government” – “recognizing
excellence in the planning, execution and positive environmental impact of digital sustainability programs” for its Paperless Office Project; and Runner Up in the “Education Organization of the Year” Award – “recognizing excellence in tertiary education administration” for its 334 Implementation Project. The Paperless Office Project is part of CityU’s commitment to sustainability. This enterprise-scale development project uses enterprise content management (ECM) technology to reduce paper and space consumption and at the same time improve efficiencies in our administrative processes as well as information security. The first users are the HR and Finance offices. With University’s rapid growth and expansion, these offices have been faced with numerous business challenges, including the need to streamline services and
Mr. Glenn Ashe, former Australian government CIO for the Attorney-General’s Office (left), presenting the FutureGov Award to Dr. Andy Chun, CIO, CityU (right).
optimize workflows, as well as shortage of physical space to store an increasing number of personnel and finance documents relating to over 4,000 current staff and a huge archive of former staff. Information security is also an important concern. This project provides a modern and innovative DMS solution, build on top of EMC Documentum, to handle these challenges. Having documents in secure digitized archive allows CityU to save time in decision making, save trees and space, and greatly enhance security. Over the past year, more than a million pages have been digitized and archived. Dr. Andy Chun, the Chief Information Officer of City University of Hong Kong, commented: “It is indeed a great honor for CityU to be recognized by international peers in this region and to be selected among so many other outstanding projects. The FutureGov Award is a major encouragement for us to continue to leverage technology for the benefit of higher education.” Dr. Chun pointed out: “This award represents the collective and dedicated efforts of both IT and the business units involved, namely the HR and Finance offices. This award belongs to all the hardworking staff that made this project a success. Congratulations to them!.”
5
Issue 14 • JAN 2014
OCIO NEWSLETTER
FYI
DOs and DON’Ts List for Managing Electronic Data/Information Charis Chan and Vincent Yiu (ed.) Security Depends on People More Than Technology We all come across a lot of sensitive information during our daily operation and it is vital for us to pay extra attention to information security. Many of us will have to handle confidential information such as examination materials, as well as grades and personal information of students and staff members. We would like to draw your attention to the “best practice” for handling sensitive information.
DOs and DON’Ts The following “DOs and DON’Ts” list to handle electronic data/information is consolidated from the conventional wisdoms from the Internet:
DOs P Email sensitive information only when the file/directory is encrypted or password protected#1 over CityU email server/website; P Store data on encrypted or password protected portable electronic storage devices#1,#2 P Avoid making copies of sensitive data; P Properly destroy copies of sensitive data, and all data in PCs, storage systems or other electronic devices upon their disposal; P Secure your user accounts by taking all reasonable precautions (e.g. change password regularly#3) to prevent unauthorized access to the data via your user account;
P Review your files on CSC managed Web/FTP/SharePoint servers to ensure that they are properly encrypted and their access privileges are appropriately set; remove any files that are no longer used or needed; P Secure your PC or devices which access or process University data by security software (e.g. Windows Firewall, McAFee, Windows Defender, etc.) mandated by the University and keep the software up-to-date#4 P Use “Password protected screen saver” to lock the screen and keyboard after 15 minutes of inactivity.
DON’Ts Store unencrypted sensitive data or personal information of students on your smartphone or tablet (e.g. iPhone, Android Phone); Leave your electronic storage devices unattended, e.g. in public area; Leave PC unattended with a session accessing data; Display or process the University data in a public or shared computer without proper security protection; or in unencrypted Wireless LAN or shared networks; Upload personal and sensitive data to publicly accessible web/FTP servers; Visit sites which security is uncertain with your office PC or any PCs involved in handling University data; Keep the University data longer than required to perform assigned duties;
The above list focuses on handling of electronic data and information which are more susceptible to leakage, unauthorized access, etc.; meanwhile, any physical media (e.g. printed copy and DVD) containing sensitive data and information must also be properly handled. Any leakage of personal and sensitive information may cause immeasurable damage to the reputation of the University and the person concerned may be held legally liable. If you have any enquiries on information security or need assistance, please contact infosec@cityu.edu.hk
#1 Encrypting File/Directory • 7-Zip <http://www.7-zip.org/> with AES-256 as algorithm for file or directory based encrypt, • password shall be at least 8-character long and contain at least one of: o a lower case character (a-z) o an upper case character (A-Z) o a number character (0-9) o a symbol character (!,@,#,$,%,^,&, *, …) • Password should NEVER be transmitted through email #2 Encrypting disk/virtual disk • TrueCrypt < http://www.truecrypt.org/ > for large size disk or virtual disk encryption • Recommended length of password is 20-character long and contain at least one of: o a lower case character (a-z) o an upper case character (A-Z) o a number character (0-9) o a symbol character (!,@,#,$,%,^,&, *, …) #3 Setting EID password • University’s Guidelines on password <http://www. cityu.edu.hk/csc/deptweb/support/guidelines/ password_setting.htm> #4 Updating Software for Security Protection • Enable automatic update for security patches for your Operating Systems, e.g. Windows, Mac OSX, and applications installed on your computer, e.g. Microsoft Office, Adobe Acrobat, etc.
5
6
OCIO NEWSLETTER
FEATURE
IT Security Incident Management Office of the Chief Information Officer (OCIO) The use of information technology (IT) products and services has become an integral and irreplaceable part of our daily life at the University. With increasing use of IT, there is an increasing need to be extra vigilant on IT security, particularly at the departmental level. Many of the Universityâ&#x20AC;&#x2122;s departments/ units have procured departmental IT systems to provide services to support internal and possibly external users. While these IT services bring much needed convenience and productivity, it does come with many new and important responsibilities, particularly in the area of IT security that must be taken seriously. Departments need to be aware that if security is not done properly, it will not only cause potential damage to departmental systems, but also to our central systems/services as well. In fact, most of our recent security breaches have been at the departmental level. The challenge is high. Departments release new services every year, as well as maintaining a pool of existing services; some of which may be aging. Regardless whether a system/service is new or old, special attention is required for the department owners to ensure systems/services are well maintained and vulnerabilities are properly managed by qualified IT professionals. In addition, users should be reminded of IT security best practice. Automobiles and driving is a good analogy for IT security. Drivers (owners) must always ensure that the automobile is well maintained and safe to use, observe the relevant traffic
laws and conditions, and avoid causing dangerous situations to themselves and the others. Similarly, departments need to ensure IT systems/services are well maintained (i.e. properly updated and patched) and safe to use, observe international best practice and standards, and avoid causing security breaches that affects themselves and others. Just like passengers (users) of an automobile, who must always fasten the seat belts and never lean toward the outside, users of IT systems/services must also follow IT security guidelines and avoid dangerous acts that might lead to security breaches.
are not properly managed, and IT security Incidents, severe or moderate, arise almost every month. Though, it is a general misconception that IT security incidents are equivalent to leakage of sensitive or personal data, and it is not true. In fact, in many of the incidents, IT systems are hijacked and used as platforms to launch further attacks to other Internet sites, with no sensitive or personal data involved.
IT Security Incident Handling
Both hacking and malware attacks target vulnerabilities in services and systems, and attempt to exploit these vulnerabilities to gain unauthorized access to information and services. Other than zero day vulnerabilities, many of the vulnerabilities could be fixed or mitigated.
Based on our accumulated experiences in managing IT security incidents, and referencing other organizations and international best practice [2] [3] [4], Central IT has established a standard procedure [5] for detecting and handling these incidents: 1. Detecting & Reporting This is the trigger for the IT Security Incident Handling Procedure. Central IT has already implemented multiple layers of network level intrusion detection mechanisms to discover suspicious activities as early as possible. Academic departments and administrative units shall also implement reasonable defense and detection mechanism for their own systems, especially on the application side, and report any suspected incidents to Central IT immediately.
As a matter of fact, the vulnerabilities in many of the Universityâ&#x20AC;&#x2122;s IT systems
2. Incident Analysis Upon discovery of suspicious
A chain is as strong as its weakest link. Since Central IT is highly fortified, hackers will attack departmental systems to gain entry into our enterprise network. Your help in keeping the defense strong at all our perimeters is highly important.
IT Security Incidents IT security incidents occur because of many reasons. In 2012, according to international studies, hacking contributed to 52% of data bleach incidents, and malware contributed to 40%, while some of the incidents were contributed by both [1].
Issue 14 • JAN 2014
activities, Central IT will analyze and validate the incident, and evaluate the severity. We then determine the actions required, e.g. make announcement and require potentially affected users to change passwords; report to the Hong Kong Police; and/or report to the Office of the Privacy Commissioner. The severity of incidents and incident handling actions will vary from case to case, of course. For example, some of the incidents may be related to non-critical information systems or non-sensitive data, and hence the possibility of causing service interruption, financial loss or reputation is remote. In this case, the severity will be low. Individual desktop infected by virus is an example. On the other hand, some incidents may be related to very serious, and possibly criminal, offenses. If not resolved timely or immediately, they may affect the normal operation of core services and lead to security breaches, resulting in financial loss and/or reputation damage. These are of high severity. Attempt to trespass to University’s information systems, such as by means of password cracking or network sniffing, is an example. 3. Containment Containing an incident is to limit the scope, impact and magnitude, before the spread of it which will overwhelm resources and/or increase damage. Upon detection of an incident, the first containment action to be taken is usually the taking
down of the computers concerned from the University’s network. This is to protect other systems from being affected. Using the car analogy, cars in traffic accidents are usually moved or towed to roadside immediately to avoid affecting other road users and to prevent further accidents. 4. Eradication and Recovery During eradication, root causes shall be identified, and eliminated. The owner shall remove the components of the incident, such as deleting malicious code, and disabling breached user accounts. Unless the root causes of an incident are identified, e.g. the virus infecting the system is found or the vulnerabilities being exploited is identified and removed, we do not consider eradication is completed. In the meantime, known vulnerabilities of affected systems must also be managed, as previously tampered systems are usually targeted and subject to further attacks. If root causes cannot be identified, it is required to reinstall the entire system from clean source in order to eliminate residue dangerous components. Using the car analogy, crashed cars must be properly repaired and examined to meet safety standards before they could be running on the road again. After eradication, if a system is confirmed to be clean, service could be restored. 5. Lessons Learnt After the restoration of service, systems owners shall review the incidents and take actions to prevent the occurrence of similar incidents in the future.
Final Remarks As the saying goes, “prevention is better than cure.” Incident handling is an aftermath, and many incidents should best and effectively be prevented by proper vulnerability management. The University is a highly decentralized environment with large degree of autonomy, in which departments/units are entitled to build and manage their own services and systems. Although the University organization is decentralized, our network assets are highly intertwined. In such an environment, we rely on all departments/units to do their part and ensure that all their systems, used by staff and students, are properly protected and managed according to the Central IT security policies and guidelines. Any slippage or carelessness could severely damage the University’s reputation as well as cause the loss of valuable data and intellectual property. If you need more information on how to ensure IT security for your department/ unit, please don’t hesitate to contact us: infosec@cityu.edu.hk
Reference:
[1] Verizon RISK Team, “2013 Data Breach Investigations Report,” 2013. [2] BS ISO/IEC 27001:2005 Information technology - Security techniques - Information security management systems - Requirements. [3] Office of the Chief Information Officer, HKSAR, “Information Security Incident Handling [G54], version 5.0,” 2012. [4] The SANS Institute, “Incident Handlers Handbook,” 2011. [5] OCIO, “Information Security Incident Management Standard,” 2012.
7
8
OCIO NEWSLETTER
BRIEF UPDATES
CityU Mobile - With All You Need on Campus Vicker Leung
In this academic year, the Central IT launched several mobile applications including CityU Mobile CAP and Mobile AIMS to facilitate our staff and students to access IT services on their mobile devices. To further extend this mobility to campus information such as maps, directions, catering services, communication directory and emergency contacts, the OCIO has recently launched a new mobile app “CityU Mobile”.
Centralizing Information At CityU, most information is available online through hundreds of thousands of web pages maintained by various offices and departments. Although the University websites are mobile friendly using the latest web technologies such as HTML5 and responsive layout, sometimes it is still difficult to locate a certain piece of information on mobile devices. For instance when a student wants to locate the office of an academic staff, s/he has to browse a departmental website, drills down a few navigation menus and scrolls through a long staff directory list to look for the name. This can be done easily on a desktop web browser but it will be comparatively difficult to be done on smartphones due to the limited screen real estate. With CityU Mobile, the contact information of all staff in the
Every icon is handcrafted to produce a crisp appearance no matter what device is used
academic departments is retrieved from their websites and centralized in the app. Students can easily find a staff member’s office location by simply tapping on his/her name. Other information like phone numbers and email addresses will be shown as well if available. Other frequently visited campus information is included in the app too, such as building directory, navigation paths, operating hours of catering facilities, emergency contact numbers etc. Everything you need on campus is now more accessible than ever.
Always Available When Needed Comparing with the desktop where a fast internet connection is always available, the internet connection on mobile devices is very limited and easily affected by location. To ensure information is always available when it is needed, CityU Mobile stores most of the information on the device. This also allows the information to be searched and displayed almost instantly, giving users a much smoother experience.
Integrating with Your Device Apart from the use of device storage, CityU Mobile tightly integrates with
the mobile device to provide other useful features that will not be available through web pages. In the Library module, users can bookmark a media item onto their devices. Every time when the app is launched, the updated item availability will be shown. This saves users tremendous amount of time searching each item again from the very beginning. By retrieving the clock of the device, the Schedule module is capable of showing the schedule of that day only, removing the need to flip through the whole timetable on a small screen. Students can even export the data to their preferred calendar apps. Other third party apps are used by CityU Mobile as well to provide a richer user experience. For example, if the Google Maps mobile app is installed, it can be used to show users the suggested paths to walk to the catering services around the CityU campus, make a phone call or compose email message to a department’s general office through the native apps which are just one tap away.
Issue 14 • JAN 2014
(Left) Schedule showing classes according to device clock. (Middle) Vector map with suggested path. (Right) Campus photo contributed by our students.
Modern User Interface
Future Releases
To provide a pleasant mobile experience, CityU Mobile also focuses a lot on user interface design. It is no doubt flat design [1] is the latest trend, which is widely adopted by many top companies such as Microsoft in Windows 8’s Metro [2] and Apple in iOS 7 [3].
In the forthcoming updates, CityU Mobile will focus on performance improvement with additional capabilities that further enhance the overall experience, including fuzzy string searching, background data synchronization and CityU Tour integration.
Simplicity being its core, CityU Mobile’s design including colors, icons and layouts are carefully crafted based on flat design concepts. Users will find it easy and attractive to navigate through the various elements inside the app.
Furthermore, a feature request portal is established at http://cityu- mobile. uservoice.com. Inputs collected through the platform will be prioritized to shape up the future releases of CityU Mobile. Your valuable inputs are always welcome and we believe a closer relationship with end users will allow us to maximize the value brought by this app to our staff, students and visitors.
To cope with the wide variety of mobile devices where each has a different screen configuration, every icon inside the app is handcrafted to pixels in vector format, resulting in a crisp appearance no matter how high or low the screen resolution is.
CityU Mobile Available on Apple App Store and Google Play
Reference:
[1] What is flat design? Web Design | Creative Bloq http://www.creativebloq.com/graphic-design/ what-flat-design-3132112 [2] Modern design at Microsoft http://www.microsoft.com/en-us/news/ stories/ design/ [3] Apple - iOS 7 - Design http://www.apple.com/ios/design/
9
10
OCIO NEWSLETTER
FEATURE
CityU Apps Lab – An Innovative & Knowledge Sharing Hub at CityU Ray Cheung
One of the important goals for the CityU Discovery-Enriched Curriculum is to ensure each CityU graduate identify one discovery via the study at CityU, and carry his/her innovation until graduation. In the past few years, more final year students have joined this blooming mobile industry, which requires solid technical skills, elegant graphical designs, strong business-oriented mind, and creative thinking (outof-the-box) to fulfill the high expectation from the emerging market. Today, people talk about big data analytics, and mobile applications that we use everyday are simply the gateway for users to enter their massive personal data seamlessly. Students are always full of energy and curiosity, the question is how we can enhance their learning experience at CityU and how to accumulate and disseminate their experiences. Over the past few years, one common phenomenon is that when one student engaged in one mobile application development as the final year project, the first half year will be spent on learning the mobile language basis, and the second half year will
be creating a client-webserver model for the project. It is difficult to extend the project when the student graduated. As a result, the CityU Apps Lab (CAL) was formed with the support from the CityU Incubator Scheme, and with the continued support from the Community of Practice (CoP), the EDGE, the OCIO, the CSE, the EE, and many colleagues at CityU. The CAL is growing from the beginning around 20 students, to now around 100 members from different departments. On our Facebook fan page, we have received around 100 additional “like” a month since the first launch in the summer of 2013, and now we are approaching 600 likes including people from non-CityU members, industry market leaders, and CityU Alumni. Attitude is the key to success; one prime vision for creating CAL is to train up our students’ attitude, and to give them appropriate support. One day, a business school student, Rex, approached me for creating a new mobile app project at CityU, and I connected him with 3 engineering students who could give him relevant technical support and
Fig. 1: The CAL Team on the Opening Day, 29 August 2013.
Fig 2: Honorary guests at the opening ceremony, 29 August 2013.
Issue 14 â&#x20AC;˘ JAN 2014
handle the app designs. CAL community is a collaborative platform that can stimulate their thoughts, connect them with the local industrial community, and thus train up their attitude for Excellency. We believe with a growing CAL community, any member at CityU can join the CAL and to identify the helping hand with the right talent for their project. Mobile app is a piece of software, and this software can be embedded into many devices around our lives. With the newly invented Galaxy Gear, and Google Glass, we believe that there will be a lot more small gadgets with mobile apps, and even for large ERP systems, people are talking about how to mobilize those systems, and to create small devices. We are currently working closely with Apple HK for deploying the new iBeacon Bluetooth LE technology for different target group. There are three major components offered at CAL: Workshop training, Project management, Start-up companies. We have previously organized Android, iOS, and Windows Phone workshop for local CityU students
and prospective highschool students. Project management skill is an essential component for each CityU student, and the existing CAL structure provides knowledge sharing from more experienced CAL members to the newbies. Startup required knowledge such as copyright and patent issues, and they are discussed at the CAL community. Next, we will have a CAL talk discussing how to protect your idea inside your mobile app; two market leaders, Keith Li (Innopage CEO), and Eric Yung (Playnote, CEO), and our University member, Dr. Eric Chan (EDGE, CityU) have agreed to share their experience with our students. We are currently working closely with Rotary District 3450 for an Organ Donation project, an Old HongKong Photo for revitalizing the old HK historical project, and on internal projects including projects with the Public Policy department, Information System department, DBS
Fig. 3: CAL Workshop: Windows Phone App Development, 6 November 2013.
Fig 4: EDGE Workshop on the CityU Information Day, 19 October 2013.
11
12
OCIO NEWSLETTER
Bank for the CAL talk, and many others. The next upcoming event is to visit GreenTomato, a leading mobile solution company founded by a CityU Alumni, in early January 2014. Up-to-date industry leaders have also provided sustainable support, including donations from Momentous Asia, Sengital Ltd, UDomain Ltd, and WTIA membership. Recently, we will have two generous donations from DBS Hong Kong Bank and Hutchison Whampoa Ltd. Mobile devices have changed the way we live and start each day, and the CAL
community is very eager to share the experience and explore the fantastic unknown future with each member at CityU. Please support our CityU talented students and receive our recent updates at “http://www.facebook. com/CityuAppsLab”.
Fig 5: CAL member, Desmond on the CityU Information Day, 19 October 2013.
Fig. 7: CAL Workshop: iOS7 offered by Apple HK senior engineers, 27 November 2013.
Fig 6: CAL Workshop on the CityU Information Day, 19 October 2013.
Fig 8: CAL and Rotary Club of Taipo launched the “We Can Code” 8-week workshop to 25 secondary school students from Tai Po, 18 January 2014.
Issue 14 • JAN 2014
FEATURE
Why Is Server Storage More Expensive? Joe Chow
Many users asked these two questions: Why can’t they get more network storage space and why can’t they get larger email disk quota? These questions arise as the price of desktop class hard drives goes down drastically. Users believe that this is the same for the server class storage. Obviously, this is a misunderstanding on the differences between server class storage (enterprise grade storage) and desktop class storage (consumer grade storage). In fact, enterprise grade storage demands much more than consumer grade storage and this contributes to the significant price difference. To compare these two storage types, it is similar to compare any appliance or tool built and used for professional and domestic purposes (e.g. professional camera versus consumer camera, navigation device versus compass, astronomical telescope versus binoculars, etc.) – they have obvious and distinctive differences in the environmental conditions they will be operated in, the way and the frequency of uses and hence the level of durability required, the level of maintenance required and, the price. This makes a professional appliance a hundred or even thousand times more expensive than a domestic appliance. Enterprise and consumer grade storages share exactly the same differences.
Enterprise versus Desktop Systems Enterprise systems, especially their data storage, require high quality standard that includes the following: 1) Reliability Enterprise storages need to be very
reliable. This is why people believe that saving data in a network drive is safer than saving their data in a local desktop computer. Storage devices, no matter whether mechanical hard drives or solid-state drives (SSD), are vulnerable to wear and eventually fail after prolonged use and/or many read-write operations. A reliable enterprise storage system is required to be much more tolerable to wear and tear for a much longer life-time without disk error even operating in a 365x7x24 non-stop environment. The mean-time-between-failure (MTBF) is a measure of their reliability. Some Enterprise storage systems even have built-in selfhealing capability. For example, any potential bad block of a disk (i.e. occasionally fails to read or write) will be automatically be relocated to a good block of the same disk. 2) Disaster recovery and business continuity No matter how drives are designed, the service down time due to failure of hard drives is still possible. Enterprise storage systems design, even using more durable drives, should not only reduce the chance of down time but can recover quickly from disaster and with high redundancy to ensure continued operation against simple failures. This robust design is of course more expensive. The mean-timeto-repair (MTTR) is a measure of their availability.
3) Performance and speed Enterprise storage systems usually serve multiple servers which concurrently access to the same storage. To minimize a bottleneck in assessing data, improving read/ write speed in the storage devices is critical. This involves employment of sophisticated hardware and software including cache (keeping the most frequently used data in fast memory so that the data, once in cache, will not need to be physically read from the disk again), pre-fetch (prepare to get or get the next block of data when getting or processing the current block) and/ or parallel processing (streamline the operations so that some independent ones can be done in parallel), which are commonly found only in enterprise grade storage systems. 4) Operating environment Enterprise storage systems are more tolerable to environmental changes such as shock, temperature, humidity, etc.
The Different Classes of Hard Drives Are all drives made equally? – Of course not! There are some features in enterprise class drives that make them more reliable. Also, many disk manufacturers stipulate different testing methodologies for different product ranges and state the enterprise drives are tested under enterprise usage conditions so that they are suitable to operate in a 365x7x24 non-stop environment as compared to the desktop drives
13
14
OCIO NEWSLETTER
which usually expect 40 working hours per week. The following are features required by enterprise class drives: 1) Rotational vibration tolerance capability One of the greatest performance issues in hard drives is their tolerance to high frequency vibration. The head of a disk drive must be positioned at the correct data tracks to access information. Small physical disturbances can cause the head off-track and cause a delay for its actuator to reposition it. This eventually has an impact on the performance of a hard drive. Many drives nowadays can tolerate some linear back-and-forth vibrations; however, circular and rotational vibrations can cause serious disruption and damage to hard drives. These problems are particularly significant in multidrive systems where many drives are installed in the same physical array. The rotational vibration of one drive can affect the whole array and progressively disturb the operation of other drives in the system. Enterprise class drives have a feature to reduce the effect that is caused by this kind of vibrations. They employ sensors to detect vibration and adjust the drive head accordingly. In addition, enterprise class drives usually have more sophisticated servo wedges (hardware) and servo algorithm (software) to determine the location of the head in relation to the track so that misalignments of head can be recovered. Desktop class drives on the other hand are without this design. Therefore, they are more likely to have vibration related errors if they are used in a storage array. 2) Error correction and data integrity capability Enterprise class storage system is normally implemented with â&#x20AC;&#x153;end-to-endâ&#x20AC;? error detection. Data
transmitting within enterprise drives will be accompanied by some internal parity check mechanism. This allows data transmission errors to be detected and corrected. Some desktop class drives do have internal error detection mechanism, but usually not supporting end-to-end data protection as enterprise class drives do. 3) Error recovery time limit Long drive recovery timeouts are unacceptable in enterprise systems. Many users can be affected and they could not tolerate an unresponsive server. Enterprise class hard drives having a shorter timeout enable the drive to respond quicker on recovering missing data. The shorter timeout allows a recovery to be taken place at the time when the drive continues to support other disk access requests. In desktop class drive design, it assumes the drive will do nothing to recover this kind of error, but instead it will continue to wait until it is timed-out by the application. 4) Difference in quality Heavy duty enterprise system workloads create greater wear on the mechanical parts of hard drives. Some manufacturers design enterprise class drives completely different from desktop class drives and they use components that are not comparable to desktop class drives. They adopt a low price strategy for desktop hard drives so as to make them more competitive in the market.
Higher Error Tolerance by Using RAID RAID (Redundant Array of Independent Disks) storage technology is used in most servers. By using multiple disks, this is to provide a higher fault tolerance where single (or more) hard
drives failure can be totally recovered. For example, a standard RAID-5 configuration stores data stripped into blocks and spread across 4 drives. A parity block (Say Ap) can be used to recover the data if any one of the blocks (A1, A2, and A3) of data is corrupted. With this configuration, data can be recovered if only one of the four hard drives fail. For higher error tolerance system, more redundant hard drives are needed.
The cost of using RAID not just includes extra hard drives but also requires a RAID controller.
Use of SAN Storage The total cost can be even higher if an enterprise system employs a more expensive storage system: the SAN (Storage Area Network). This type of storage system makes enterprise systems reliable, scalable, manageable and highly available. Despite the high cost, there are sound reasons for using SAN storage in enterprise storage systems: 1) Better disk utilization and management When all the storage is tied together through a centralized storage network, the gain is an added ability in managing all storage as a single entity. This reduces the administration effort as well as increases the flexibility of disk assignment where storages to different usages can be effectively allocated to servers that need the storage.
Issue 14 • JAN 2014
2) Good disaster recovery (DR) solution and higher availability Disasters like fire, flood or any type of physical outage in a data centre may be disastrous to an organization; some critical services are even unaffordable to go down for a minute, not to mention having loss of data. Using SAN-based replication as DR solutions where a copy of live data can be stored in a different location reduces failures in a single physical location. SANs can also provide scheduled downtime by allowing maintenance without disrupting normal services. 3) Eliminating the long backup time Decreasing the time for backing up huge amounts of data is one of the major benefits of installing a SAN. The SAN storage devices make possible instant replication of data which avoids long backup time. The duplicates can be used as either the backup of your data or as a source for backing up that data to a tape library connected to the SAN.
The price of a SAN storage system consists not only the hard drives but also other overheads which usually include some high-speed network switches, controllers, software licenses and other overheads (e.g. monitoring software).
What Does 1GB Network Storage Represents? To secure an enterprise system, more disk space is required than actually used by the applications or the users. So how much does this represent? For example, 1GB data used by a user normally represents a few times more in the actual storage in a server. First, if the data are stored in the SAN, the data are synchronized to and stored in a second SAN node. Thus, the amount of disk usage is duplicated, and the 1GB data are now actually a 2GB actual storage space. Important data will be backed up by one or more backup means, and for more critical systems, the backups may even span multiple regions or countries. Let’s say a system administrator takes snapshots of the data once a week and use 4 weeks as a repeated cycle, so an extra 4GB of disk space is needed. Eventually it becomes a total of 6GB (2GB duplicated SAN node + 4GB backups) to represent 1 GB of actual data. The above calculation shows the actual data expands 6 times in its actual storage space. This does not include the combination of extra disks required for running RAID configuration, though some costs will be saved by using deduplication techniques (e.g. if several users have the same copy of file, instead of storing multiple copies of the same file, storage system will only keep one copy of the file. When users attempt to access this file, the storage system will automatically redirect them to the location where the file resides at that time).
The Maintenance Costs for Enterprise Storage Some costs in running and maintaining enterprise systems are the hidden costs.
They include labour, maintenance, power, space and monitoring and administration tools required by the systems. The amount of these costs can differ from one service to another depending on the actual configuration (e.g. RAID standards, SAN configurations, backup strategies etc.). Over the past few years, the cost of equipment has come down from around 50% to 60% of the total cost of ownership (TCO) to less than 20% (Merrill, 2011). This means that the hidden cost in maintaining an enterprise system is higher than the equipment cost, and the trend continues. However, these hidden costs normally do not exist in the desktop storage, and the owners have to do the support themselves.
Conclusion As illustrated in previous sections, to maintain a highly reliable, well designed enterprise storage system with good performance capable for disaster recovery, the cost required is incomparable to that of desktop class storage. Reference: 1. Merrill, David R., (2011) “Storage Economics: Four Principles for Reducing Total Cost of Ownership” http://www.hds.com/assets/pdf/four-principles-forreducing-total-cost-of-ownership.pdf 2. Mean time between failures (MTBF) http://en.wikipedia.org/wiki/MTBF And Mean Time To Repair (MTTR) http://en.wikipedia.org/wiki/Mean_time_to_repair
15
16
OCIO NEWSLETTER
IT Security Awareness Series by JUCC With an aim to enhancing the IT security awareness of the CityU community, the KPMG was commissioned by the Joint Universities Computer Centre (JUCC) to prepare a series of articles on IT security and they will be adopted and published here for your reference.
End User Computing I. Background Industry Story The Problem with Unmanaged End User Computing Applications Researches revealed that about 68% of an enterprise’s corporate data is stored in applications managed and controlled by IT department. The other 32% of corporate data is stored in Microsoft Excel spreadsheets, other databases (e.g. Microsoft Access), business intelligence tools (e.g., reporting tools), Microsoft Word documents, web-oriented architecture “mashup” approaches and other end user computing applications. Often the 32% portion of corporate data exists in relatively uncontrolled environments and may lack the same safeguards and controls applied to the 68% portion of corporate data under the IT Department control. Such deficiency in safeguards and controls can result in negligent errors, as was the case with TransAlta Corp., which took a $24 million charge to earnings after a bidding error caused by a cut-and-paste mistake in an Excel spreadsheet. The lack of adequate safeguards and controls can also permit dishonest users to engage in fraud, as happened with AIB’s Allfirst Bank, where a trader hid a $700 million loss by substituting links in a company spreadsheet to his private manipulated spreadsheet. For regulated enterprises, this can lead to regulatory compliance issues. End User Computing Overview End User Computing (“EUC”), also known as User Developed Applications (“UDA”) is a popular approach that involves end users with nonprogramming knowledge in design, creation and maintenance of working applications. Unlike conventional
program development, assembling EUC programs is performed at application level of existing software packages. For examples, formulae entered in Microsoft Excel spreadsheet, analysis programs made by Statistical Analysis System (“SAS”) and macros embedded in Microsoft Word. From end users’ perspective, the use of EUC is convenient and efficient, as it can be created and maintained locally. However, when talking about information security, EUC has a new set of problems, including weak access control, uncontrolled change process, higher possibilities of mistakes and loss of data. Poor management of EUC could eventually lead to exploitations on those security vulnerabilities.
II. Management EUC programs that store and manipulate important information (e.g. financial figures, examination records, research data) of universities should be subject to same level of general IT controls implemented on applications controlled by IT department. Nevertheless, since the IT departments do not own those EUC programs, the first step towards effective EUC management is establishing a EUC control policy, covering the following elements:
Definition Each academic or administrative unit may have different interpretations of EUC applications, which may result in obstacles during the implementation of EUC controls. Management should provide clear definition of EUC programs and communicate to universities’ staff, students and any relevant members.
EUC Register A EUC register should be created by each academic or administrative unit to record all existing EUC programs. The nature of EUC programs should be identified and categorised into corresponding classes (e.g. financial, academic, operational, and informational). In addition, the ownership, including the owner’s’ name and respective academic or administrative unit, of each EUC program in the register should be documented. Management should also ensure that the EUC register is regularly updated to avoid any incorrect information kept within.
Risk Assessment The risk assessment process evaluates the risk level of each EUC programs in the EUC register based on its nature and the classification of information (e.g. confidential, internal and public) it stores/ manipulates, considering the following risks due EUC errors or frauds: • Financial Risk – Financial misstatement • Academic Risk – Incorrect research conclusions of findings • Operation Risk – Impact or interruption to operations • Information Risk – Misleading information Based on the risk assessments results (e.g. high, medium low), adequate level of security controls can be deployed for EUC programs, which helps to better utilise the limited resources for EUC management. The risk assessments should be performed at least once each year to ascertain the validity of assigned risk levels and maintain the appropriateness of the controls implemented over EUC programs. Control Requirement Based on the classes and risk levels of EUC
Issue 14 • JAN 2014
programs, the minimum requirements on EUC controls can be determined. Similar to IT general controls, typical EUC controls come from the following four areas:
• Access Control Logical or physical controls determine who can access specific EUC programs and what is the authorisation procedure required. For high risk EUC programs, the number of authorised personnel should be restricted to minimum. Granting access to EUC programs are usually done by the EUC owners. Documented evidence on access authorsiations should be retained for further reference or investigation purpose. • Change Management (Version Control) Changes to existing EUC programs are made in a controlled manner. The owners of EUC programs should review the change requests. High risk EUC program changes may also require the endorsement from the senior management. Before officially using the changed EUC programs, independent testing of changed EUC programs should be performed to ensure there are no mistakes, such as miscalculation and program errors. Documentations related to change requests (e.g. e-mails, request forms) and testing (e.g. test case, test result) should be maintained for each version of EUC program. • EUC Development Controls over EUC development are similar to those implemented for EUC changes. It is EUC owners’ responsibilities to ensure that all new EUC programs are developed with their consent and properly tested before being officially used by end users. • Operations Backup, restoration and problem management are the key components of EUC operations controls. Management may take a centralised approach (i.e. performing
backup, restoration and problem management for EUC programs centrally by IT department) or execute the operations controls in a distributed way (i.e. each academic or administrative unit back up, restore and provide troubleshooting services for its own EUC programs). Monitoring Periodic review or internal audit on the relevant controls over EUC programs are recommended to be performed by universities. The purpose of doing this is to assess the effectiveness of EUC management adopted by the universities and detect any deficiencies (e.g. deviation from established control requirement, missing control area, etc.). Management should review the identified deficiencies, coordinate with corresponding EUC owners to work out the remediation plan and track the remediation process.
III. General Users Best Practice to be Followed by General Users To use EUC programs safely and effectively, the general users are recommended to follow the practice below:
• Familiarise with EUC Policy The very first step for using EUC programs is to familiarise with the EUC control policy. Users must be able to know what is a EUC program, who is the owner, what is the procedure to change the EUC program, and whom should be contacted if the EUC program is accidently deleted / modified. • Avoid Unauthorsied Access Users are recommended to utilise the security functions that come along with the software packages. For example, password protection features in Microsoft Excel spreadsheets. The passwords should not be disclosed to unauthorised parties and should be changed regularly.
• Avoid Mistakes When using EUC programs, it is important to use the correct versions before storing or processing the data. Wherever possible, manual reconciliation/verification on EUC program output should be performed. If the mistakes are related to EUC programs instead of manual errors, corresponding EUC problem management procedure should be followed by users. In addition, users should consider incorporating input validation controls when developing or updating the EUC programs to reduce to the possibilities of having incorrect results.
Conclusion The convenience and flexibility of EUC has made it one of the most important IT components in universities’ computing environment. Good management of EUC allows universities to maximise the benefits of EUC and avoid the damage or loss caused by its vulnerabilities. General users can also increase their efficiency through the correct use of EUC programs and consistently following the EUC policy.
Copyright Statement All material in this document is, unless otherwise stated, the property of the Joint Universities Computer Centre (“JUCC”). Copyright and other intellectual property laws protect these materials. Reproduction or retransmission of the materials, in whole or in part, in any manner, without the prior written consent of the copyright holder, is a violation of copyright law. A single copy of the materials available through this document may be made, solely for personal, noncommercial use. Individuals must preserve any copyright or other notices contained in or associated with them. Users may not distribute such copies to others, whether or not in electronic form, whether or not for a charge or other consideration, without prior written consent of the copyright holder of the materials. Contact information for requests for permission to reproduce or distribute materials available through this document are listed below: copyright@jucc.edu.hk Joint Universities Computer Centre Limited (JUCC), Room 223, Run Run Shaw Building, c/o Computer Centre, The University of Hong Kong, Pokfulam Road, Hong Kong
Reference: http://www.isacapgh.org/07%20Event%20Archive February_ISACA_0Presentation.pdf
17
18
OCIO NEWSLETTER
BRIEF UPDATES
Realizing Students’ D&I Designs, 3D Printer at GE Lab Patrio Chiu
Good news to all GE course leaders, 3D printing technology is now available in the GE Lab to support GE course related student learning activities! With the support from the University, as part of the Discoveryenriched Curriculum (DEC), and to nurture students’ creativity using technology, a production-grade 3D printer, Fortus 400mc from Stratasys, is acquired and installed in the GE Lab. Different from the increasing popularity of low cost, hobbyist based, small 3D printers that are popping out in the market recently, the Fortus 400mc can produce accurate, durable, repeatable 3D parts with superior throughput. The 3D printer is designed to operate 24 hours a day with minimum downtime and reliable parts, which is crucial for supporting students to print out their dream designs before their assignment deadlines. The Fortus 400mc uses Fused Deposition Modeling (FDM) technology. FDM is the industry’s leading additive manufacturing technology, and the only one that uses production-grade thermoplastics, enabling the most durable parts. The system is able to build parts as large as 355 x 254 x 254 mm (14 x 10 x 10 in.), with layer thickness of 0.005 inch (0.127 mm), approximately the diameter of a human hair! It gives students a very flexible design environment to create their D&I designs with very fine details and good building size. Even better news is that the Fortus 400mc can use soluble supporting materials,
meaning that the 3D object that is printed by the system can have hollow or movable interconnected structures. The key building material is ABS-M30 thermoplastic, it is known for its great tensile, impact and flexural strength, and environmental stability. Students can perform post-processing steps to the printed product such as painting, drilling and polishing. Seven colors of the building materials are available in the GE Lab. The 3D printer can also use another building material, PCISO, known for its biocompatibility, superior strength and translucent color. Three GE course leaders/teaching teams have pioneered to integrate the 3D printing task as part of the teaching and learning activities and/or assessment tasks in their GE courses in semester A 2013/14. Dr King Lai, course leader of GE1324 - Creating Your Smart Home, has provided a very creative environment and professional guidance for his students to create prototype of intelligent home appliances using 3D printing technology. While Ms Virginia Fung, course leader of GE1304 - Visual Expression and Communication, nurtures her students to represent daily message innovatively through the use of 3D printer. Also one group of students from GE1218 - Make a Difference: The Challenge of Social Entrepreneurs in a Globalized World, taught by a
3D Printer Fortus 400mc from Stratasys installed in GE Lab
3D products from the GE Lab, designed by student helpers Yip Yi Chau (AP Yr3), Chow Ka Shing (BCH Yr2), Lai Chun Tak (EE Yr1), Kam Chun Wing (CA Yr2), Chan Ka Lai (AC Yr3) and Lau Tsz Kit (MBE Yr2)
teaching team includes Dr Yanto Chandra, Prof Linda Wong and Mr Kam Wah Ma, has used the 3D printer to create a prototype to help the visually impaired. Students from these courses received coaching on 3D printing technology provided by EDGE professional staff at the beginning of the course to have an overview on the ability and limitation of the 3D printer. They can than start their imagination engine to create their dream designs. To realize their idea, from just imagination to solid
Issue 14 â&#x20AC;˘ JAN 2014
3D objects, students will need to acquire 3D design skills, which may scare away some non- science or engineering students in the past. GE Lab staff thought of the issue and identified a couple very easy to use 3D design software, such as TinkerCAD, that any year 1 students from any disciplines can learn and use easily, in addition tutors are available in the GE Lab to guide the students to the use the software if needed. For students already possess expertise in 3D design skill, professional software like Rhino 4.0 and SolidWorks are available for them to design sophisticated structures. In fact most of the students enrolled in these courses do not have prior knowledge in 3D design and a significant number of them are nonscience or engineering students, but all of them enjoy using and learning through the 3D printing technology. Apart from GE course students, secondary school students can also have a taste of the 3D printing technology during Information Day 2013. GE Lab was open for visit and guided tour with 3D design experience was arranged to visitors including secondary school students, their teachers and parents. They are fascinated by the technology and enjoy the rare opportunity of transforming their imagination to reality. A number of students have designed 3D objects under the guidance of EDGE staff and tutors, selected designs were printed out as souvenir for their visit to GE Lab. GE Lab also supported other administrative units to promote
Student work from GE1324 - Creating Your Smart Home, course leader Dr King Lai
Student work from GE1304 - Visual Expression and Communication, course leader Ms Virginia Fung
Secondary school students enjoyed 3D printing experience at GE Lab during Information Day 2013 Student work from GE1218 - Make a Difference: The Challenge of Social Entrepreneurs, teaching team includes Dr Yanto Chandra, Prof Linda Wong and Mr Kam Wah Ma
the University. Via the connection of Development Office, a souvenir is prepared by a student helper for a major supporter of the University and is well received. The supporter is amazed by the creativity and innovation idea of our student in using the 3D printing technology.
A souvenir for a major supporter of the University, designed by a student helper Yip Yi Chau (AP Yr3).
19
20
OCIO NEWSLETTER
IT TOOLS
Free Cloud-Computing Services Andy Chun
The “IT Tools” column introduces some useful tools and apps for teaching, learning, or research. Most of the tools/apps highlighted will be free or at low cost. In this issue of the OCIO Newsletter, I have selected two cloud-computing services that offer free usage credit for education – the Amazon Web Services (AWS) and Microsoft Windows Azure.
Amazon provides “AWS in Education” grants that allow educators, academic researchers, and students to get free usage credits to use AWS cloud for teaching/research. This allows certain courses to be taught without extensive hardware and network infrastructure. The “Teaching Grant” provides up to US$100 in free usage for each student enrolled in courses with AWS as part of the curriculum. Large research projects that require extensive compute power and storage infrastructure may apply for a “Research Grant.” Grant amounts will depend on research project needs. More info: http://aws. amazon.com/grants/ Microsoft also provides grants for educators who want to use Windows Azure in their courses. Approved courses will get passes for students to use various computing, storage, and database cloud services. In addition, the “Windows Azure Research Engagement” project provides services for researchers on projects that advances client and cloud computing. For more info, visit: http://www.windowsazure.com/en-us/ community/education/
Editorial Box OCIO Newsletter Advisory Board Dr. Andy Chun (OCIO) Ms. Annie Ip (OCIO) Mrs. W K Yu (ESU) Mr. Raymond Poon (CSC) Mr. Peter Mok (CSC) Ms. Maria Chin (CSC) Publishing Team Ms. Noel Laam (CSC) Ms. Annie Yu (CSC) Ms. Joyce Lam (CSC) Mr. Ng Kar Leong (CSC) Ms. Kitty Wong (ESU) Ms. Doris Au (OCIO) For Enquiry Phone 3442 6284 Fax 3442 0366 Email csc@cityu.edu.hk OCIO Newsletter Online http://issuu.com/cityuhkocio